University of Texas- Austin Profs Expose 2,490 Students' Personal Info Online
FOR IMMEDIATE RELEASE: July 14, 2008Media Contact: Aaron Titus
(202) 669-2969
AUSTIN, Texas. In its third (and largest) breach in just a few months, the University of Texas-Austin has exposed another 2,490 students' personal information online. More than 60 files containing student and faculty personal information were on University servers since as early as 2002, undetected by the University for more than five years. The files were discovered in January, 2008 and University officials restricted access to the files right away, but copies remained in the Yahoo search engine caches until at least late May, 2008. The files were posted by at least four separate professors, indicating systemic deficiencies in the way the university trains staff and scans servers for sensitive information.
Given the risk that search engine caches had not cleared, the Liberty Coalition waited until July to announce the breach. It is unknown whether the University of Texas has alerted affected individuals.
More than 60 files posted by several faculty members in zo.utexas.edu included confidential graduate applications, personal tax returns, and student databases. Student and faculty names, addresses, 66 social security numbers, 459 partial social security numbers, phone numbers, e-mails, scores, GPA, GRE Scores, Majors, Race, Gender, GPA, phone numbers, tax information, and a wide range of other sensitive information.
This event falls into a common national trend of university faculty making wholesale backups of personal computers on public university servers. In this instance, the sensitive information was posted on a School of Biological Sciences file server.
Individuals affected by this exposure should immediately visit www.nationalidwatch.org and search for their names, to confirm what types of personal information were exposed. NationalIDWatch.org has a list of recommended steps victims should take.
About NationalIDWatch.org
National ID Watch is a search engine for personal information breaches. Sponsored by the Washington, DC non-profit Liberty Coalition, NationalIDWatch.org provides more than a million free personalized Identity Exposure Reports™ as a public service.
Each Identity Exposure Report (IXR) documents what types of personal information were exposed (such as Social Security Numbers, Birth Dates, Addresses, etc.), without revealing them. Each IXR also details the situation surrounding each exposure, and contact information of those responsible for the breach. Armed with this information, victims can further investigate, take action, or correct harm.